REMARKS 



Applicants are in receipt of the Office Action mailed March 9, 2004. Claims 1 - 
52 remain pending in the application. Reconsideration is respectfully requested in light 
of the following remarks. 

Section 103(a) Rejection : 

The Office Action rejected claims 1-7, 9-13, 15-24, 26-31, 33-41, 43-49 and 51- 
52 under 35 U.S.C. § 103(a) as being unpatentable over Hu (U.S. Patent 5,586,260). 
Claims 8, 14, 25, 32, 42 and 50 were rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Hu in view of Thompson (U.S. Patent 6,622,050). Apphcants 
respectfully traverse these rejections in light of the following remarks. 

Hu teaches a method and apparatus for authenticating a client for a server when 
the client and server have different security mechanisms. Specifically, an intermediary 
system known as an authentication gateway provides for authentication of the client using 
the client security mechanism, and impersonation of the client in a call to a server that the 
client wishes to access. (Abstract) 

More specifically, Hu teaches at col. 1, lines 32 - 44 that: 

The problem is most apparent in the integration of personal computers 
(PCs) with networks of larger computer systems. For example, if the 
larger systems employ Distributed Computing Environment (DCE) 
security protocols, it will in general be inconvenient and costly to provide 
each connected PC with the appropriate software necessary for 
authentication in accordance with DCE security. Consequently, PCs do 
not provide DCE security and a PC client cannot directly access DCE 
servers. 

Stated more generally, the problem is to provide a mechanism that would 
allow a server to authenticate a client that had no knowledge of the 
server* s security protocol. The present invention is directed to this end. 
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Applicant can find no language in Hu which teaches or suggests "wherein the 
client-side library is implemented in accordance with a platform-independent 
interface speciflcation and implemented for one or more client platforms 
respectively corresponding to each of the one or more client computer systems". In 
contrast, Hu teaches the use of an authentication gateway as an intermediary system 
between a PC client and a DCE server. 

Furthermore, Applicant respectfully traverses the Examiner's assertion that it 
would have been obvious to incorporate using a platform independent interface 
specification with Hu's authentication in a distributed network where different objects 
(user or resources) across the network with different platforms can interact with each 
other. Hu teaches away from Applicant's claim 1 by using an authentication gateway to 
bridge the gap between incompatible client/server security protocols. In contrast, 
Applicant's claim 1 recites a system wherein "the client- side library is implemented in 
accordance with a platform-independent interface specification," and "the server-side 
library is implemented in accordance with the platform-independent interface 
specification." 

Although platform-independent interface specifications are known in the art in 
other contexts, the prior art does not teach or suggest a client-side authentication library 
implemented in accordance with a platform-independent interface specification to 
retrieve and encrypt a user profile associated with a user, and a server-side authentication 
library implemented in accordance with the platform-independent interface specification 
to authenticate the user for one or more network services. To the contrary, authentication 
is typically viewed in the prior art as a system-level fixnction and implemented specific to 
a particular operating system. 

As the Federal Circuit stated in In re Kotzab, 55 USPQ2d 1313, 1316 (Fed. Cir. 
2000): "Most if not all inventions arise from a combination of old elements. However, 
identification in the prior art of each individual part claimed is insufficient to defeat 
patentability of the whole claimed invention." The Examiner has not cited any prior art 
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reference that suggests implementing client-side and server-side authentication libraries 
in accordance with a platform-independent interface specification. Therefore, the 
rejection of claim 1 is unsupported by the teachings of the cited art and withdrawal 
thereof is respectfully requested. Similar arguments apply in regard to independent 
claims 18 and 35. 

In regard to claim 10, Applicants can find no teaching or suggestion in Hu of "one 
or more pluggable authentication modules". In contrast, Hu teaches a single 
authentication gateway operable to allow a server to authenticate a client that had no 
knowledge of the server's security protocol. The gateway in Hu cannot be swapped out 
for another module. There is clearly no description of Hu's gateway as pluggable. In 
fact, the presence of the same single gateway is required by Hu's teachings. Thus, Hu 
teaches away fi:'om pluggable authentication modules. Similar arguments apply in regard 
to claims 27 and 44. 

Further in regard to claim 10, Hu does not teach a gateway which is coupled to 
one or more managers, wherein the gateway is configured to provide network 
management services to the one or more managers, and one or more pluggable 
authentication modules which are operable to provide authentication of a manager. The 
Examiner refers to col. 2, lines 1-19 and col. 4, line 59 - col. 5, line 19 of Hu. However, 
this portion of Hu only refers to Hu's authentication gateway (which the Examiner is 
presumably corresponding to the one or more pluggable authentication modules in claim 
10). There is no description in these or any other portions of Hu of a gateway which is 
coupled to one or more managers, wherein the gateway is configured to provide network 
management services to the one or more managers. Thus, the rejection is clearly not 
supported by the teaching of Hu. Similar arguments apply in regard to claims 27 and 44. 

Further in regard to claim 10, Applicant can find no teaching or suggestion of Hu 
"wherein the one or more pluggable authentication modules are accessible by the 
gateway and the one or more managers through a platform-independent interface, 
wherein the gateway is configurable to authenticate the user to receive the network 
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management services using the pluggable authentication modules through the platform- 
independent interface". Applicant respectfully disagrees with the Examiner's assertion 
that it would have been obvious to incorporate using a platform-independent interface 
with Hu's authentication system in a distributed network where different objects (user or 
resources) across the network with different platforms can interact with each other. Hu 
teaches away from Applicant's claim 10 by using an authentication gateway to bridge the 
gap between incompatible client/server security protocols, rather than the platform 
independent interface of Applicant's claim 10. The Examiner has not cited any prior art 
that suggests one or more pluggable authentication modules are accessible by a gateway 
and one or more managers through a platform-independent interface. 

The rejection of numerous ones of the dependent claims is further unsupported by 
the cited art. However, since the rejection of the independent claims has been shovm to 
be improper, a further discussion of the dependent claims is not necessary at this time. 

Claims 8, 14, 25, 32, 42 and 50 were rejected under 35 U.S.C. § 103(a) as being 
impatentable over Hu in view of Thompson (U.S. Patent 6,622,050). Applicants note that 
the Examiner has not shown that the portions of Thompson relied upon in the rejection 
are prior art to the present application. The present application was filed April 21, 2000 
which is before the March 30, 2001 filing date of Thompson. Thompson claims the 
benefit of provisional appHcation 60/193,881 filed March 31, 2000. However, the 
provisional filing date can only be used as Thompson's 35 U.S.C. § 102(e) prior art date 
for the subject matter that is common to both the Thompson patent and the provisional 
application. Since it is common practice for a utility appUcation to include additional 
subject matter beyond what was included in the provisional application, the Examiner 
must show that the subject matter relied upon for the rejection is present in both the 
Thompson patent and the provisional application. Since the Examiner has not made this 
showing, the rejection is improper. Applicants remind the Examiner that the burden of 
proof to establish a proper rejection falls upon the patent office. In re Warner, 154 USPQ 
173, 177 (C.C.P.A. 1967), cert denied, 389 U.S. 1057 (1968). 
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Additionally, Thompson is not entitled to its provisional filing date as a section 
102(e) prior art date unless at least one claim of the Thompson patent is supported (under 
35 U.S.C. § 112) in the provisional application. Since the Examiner has not made this 
showing, the rejection is further improper. 
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CONCLUSION 



Applicants submit the application is in condition for allowance, and notice to that 
effect is respectfully requested. 

If any extension of time (under 37 C.F.R. § 1.136) is necessary to prevent the 
above referenced application from becoming abandoned, Applicants hereby petition for 
such extension. If any fees are due, the Commissioner is authorized to charge said fees to 
Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. Deposit Account No. 501505/5181- 
48700/RCK. 

Also enclosed herewith are the following items: 
IXI Return Receipt Postcard 
Q Petition for Extension of Time 
Q Notice of Change of Address 

[~| Fee Authorization Form authorizing a deposit account debit in the amount of $ 
for fees ( ). 
□ Other: 



Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. 

P.O. Box 398 

Austin, TX 78767-0398 

Phone: (512) 853-8850 

Date: April 28, 2004 



Respectfully submitted. 




Robert C. Kowert 
Reg. No. 39,255 

ATTORNEY FOR APPLICANT(S) 
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